I found this in my Startup.cs file in ConfigureServices in a default Visual Studio 2015 ASP.NET 5 project:
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<AuthorizationDbContext>()
.AddDefaultTokenProviders();
What does it exactly do, and how to use those "default providers"? Does it configure all token-based authentication for me? Where can I read more about it?
Despite their name, the token providers have nothing to do with token authentication: they are exclusively used to generate opaque tokens for account operations (like password reset or email change) and two-factor authentication.
There are currently 3 built-in providers:
DataProtectorTokenProvider: as the name suggests, it uses the data protection block (machine keys' equivalent in ASP.NET Core 1.0) to serialize encrypted tokens that can later be deserialized by the server.
EmailTokenProvider and PhoneNumberTokenProvider: these providers are derived from TotpSecurityStampBasedTokenProvider, which implements the Time-based One-time Password Algorithm (TOTP), a protocol designed to produce user-friendly and short tokens that can be sent in a SMS or in an email.
ASP.NET Core 1.0 doesn't offer native token authentication support (only token validation is supported: you can't produce your own tokens). You can read these SO posts for more information:
